The BEST explanation for why a penetration tester cannot scan a server that was previously scanned successfully is that the IP address is on the blocklist. Blocklists are used by firewalls and other security measures to restrict access to certain IP addresses or ranges of IP addresses. If an IP address is on the blocklist, it will not be able to be scanned by a penetration tester.
All in the wording I think penetration tester cannot scan = pentester IP on block list
server can't be scanned = server unreachable or wrong IP address
Another horribly written question. It is not specifying which IP is on the blocklist. The attacker machine or the server. Why in the world would any WAF block your server's IP due to an attacker scanning it. That is dumb. If anything, the attacker machine's IP would end up on the blocklist. But again, who's blocklist? The server's? a router? a firewall? I honestly don't know how to answer this question.
Chicken-Egg here: If the IP is on a blocklist, then by default isn't it unreachable? So C can cause B, so B could still be a "correct" answer. Hmmmm....
But which IP are we talking about here. If the server is isolated from network then the correct term should not be blocking but segmentation, isn't it?
Option C, "The IP address is on the blocklist," is the most relevant explanation in this context. Blocklists are commonly used to restrict access from specific IP addresses that might be considered suspicious or have been identified as sources of malicious activity. If the server has detected scanning activity from the penetration tester's IP address and considered it hostile, it could have added the IP address to a blocklist, subsequently preventing further scans from that address.
There could be several reasons why a penetration tester cannot scan a server that was previously scanned successfully. One possible reason could be that the IP address of the server is on the blocklist, which means that the organization's security measures have blocked access from the penetration tester's scanning tool. Another possible reason could be that the server's IP address has changed since the last scan, making it unreachable or belonging to a different device. Therefore, option C is the BEST explanation for this scenario.
C is correct
The most likely explanation for why a penetration tester cannot scan a server that was previously scanned successfully is that the IP address is on the blocklist. Blocklists are used to prevent malicious actors from scanning servers, and if the IP address of the server is on the blocklist, the scanning process will be blocked.
This section is not available anymore. Please use the main Exam Page.PT0-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
nickwen007
Highly Voted 2 years, 2 months agob1484e5
Most Recent 8 months agoNateyNat
10 months, 4 weeks agoTytuss
1 year, 1 month ago[Removed]
1 year, 3 months agodeeden
1 year, 1 month agodeeden
1 year, 1 month agoak000x0
1 year, 8 months agosolutionz
1 year, 9 months agomatheusfmartins
1 year, 9 months ago[Removed]
2 years ago[Removed]
2 years, 2 months ago[Removed]
2 years, 2 months ago[Removed]
2 years, 2 months ago[Removed]
2 years, 2 months agoAaronS1990
2 years, 1 month agokloug
2 years, 2 months ago